131 matches found
Netmaker vulnerable to Insufficient Granularity of Access Control
Impact Improper Authorization functions leads to non-privileged users running privileged API calls. If you have added users to your Netmaker platform who whould not have admin privileges, they could use their auth token to run admin-level functions via the API. In addition, differing response cod...
Privilege Escalation
is vulnerable to privilege escalation. The vulnerability exists due to insufficient granularity of access control in netmaker which allows a remote authenticated attacker to gain elevated privileges on the system by sending a specially-crafted request using the API...
CVE-2022-36110
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
Authorization
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110 Netmaker vulnerable to Insufficient Granularity of Access Control
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions...
CVE-2022-36110
Netmaker (WireGuard-based networking) is affected by an improper authorization issue prior to v0.15.1, where non-admin users could perform admin-level API calls using their auth tokens. Root cause: insufficient granularity of access control allowing privilege escalation via the API. Impact per so...
Gravitl Netmaker 安全漏洞
Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. For creating and controlling automated virtual networks. A security vulnerability exists in Gravitl Netmaker versions prior to 0.15.1 that stems from an...
PT-2022-23199
Name of the Vulnerable Software and Affected Versions Netmaker versions prior to 0.15.1 Description The issue is related to Improper Authorization functions, which allow non-privileged users to run privileged API calls. If users without admin privileges are added to the Netmaker platform, they ca...
GHSA-86F3-HF24-76Q4 Use of Hard-coded Cryptographic Key in Netmaker
Impact There is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server, if you know the address and username of the admin. This effects the server netmaker component, and not clients. Patches This has been patched in Netmaker v0.8.5, v0.9.4...
Use of Hard-coded Cryptographic Key in Netmaker
Impact There is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server, if you know the address and username of the admin. This effects the server netmaker component, and not clients. Patches This has been patched in Netmaker v0.8.5, v0.9.4...
Gravitl Netmaker has an unspecified vulnerability
Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. Used to create and control automated virtual networks, Gravitl Netmaker contains a security vulnerability that could be exploited by an attacker to run...
GHSA-6RRW-4FM9-RGHV Use of Hard-coded Cryptographic Key in Netmaker
Netmaker prior to versions 0.8.5, 0.9.4, 0.10.0, and 0.10.1 uses a hard-coded cryptographic key...
Use of Hard-coded Cryptographic Key in Netmaker
Netmaker prior to versions 0.8.5, 0.9.4, 0.10.0, and 0.10.1 uses a hard-coded cryptographic key...
CVE-2022-23650
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...
Hardcoded credentials
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...
CVE-2022-23650
Netmaker server component contains a hard-coded cryptographic key that, prior to v0.8.5, v0.9.4, and v0.10.0, could be exploited to run admin commands on a remote server if the attacker knows the admin’s address and username. The issue is limited to the Netmaker server and not clients. Patches ar...
CVE-2022-23650 Use of Hard-coded Cryptographic Key in Netmaker
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...
CVE-2022-23650 Use of Hard-coded Cryptographic Key in Netmaker
Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...